using System;
using System.Diagnostics;
using System.Security;
using System.IO;
using Microsoft.Win32;

/**
    author:ivor
    提权调用自己然后按条件删除C:\\Users子文件夹 和 ProfileList 子项
    */


namespace UpPrivilege
{
    class Program
    {
        static void Main(string[] args)
        {

            if (args.Length == 0)
            {
                Lanch(Environment.UserName, Environment.CommandLine);
            }
            else
            {
                DeleteUserProfile(args[0]);
                Console.Write("press any key to exit....");
                Console.ReadKey();
            }

        }

        public static void Lanch(String domainUser, String file)
        {
            /**
                提权运行
                domain:local.domain
                user:test
                password:test
            */
            ProcessStartInfo psi = new ProcessStartInfo();
            psi.Domain = "";
            psi.UserName = "";
            psi.Password = ConvertToSecuretString("");
            psi.FileName = file;
            psi.Arguments = domainUser;
            psi.UseShellExecute = false;

            Process p = new Process();
            p.StartInfo = psi;
            p.Start();

        }

        public static SecureString ConvertToSecuretString(String passWord)
        {
            /**
                encrypt password string
            */
            if (passWord == null)
                throw new ArgumentNullException("passWord");
            unsafe
            {
                fixed (char* passwordChars = passWord)
                {
                    SecureString securePassword = new SecureString(passwordChars, passWord.Length);
                    securePassword.MakeReadOnly();
                    return securePassword;
                }

            }

        }

        public static void DeleteUserProfile(String domainUser)
        {
            /**
                delete user's folder
            */
            try { 
                const String REG_PATH = "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList";
                const String USERS_FOLDER = "C:\\Users";
                DirectoryInfo dir = new DirectoryInfo(USERS_FOLDER);
                DirectoryInfo[] dirs = dir.GetDirectories();
                foreach (DirectoryInfo d in dirs)
                {
                    if (d.Name != domainUser & d.Name != "Administrator" & d.Name != "Public" & d.Name != "Default")
                    {
                        Console.WriteLine("{0} is deleting!", d.Name);
                        d.Delete(true);
                        DeleteProfileList(REG_PATH, d.FullName);

                    }
                }
            } catch (Exception e)
            {
                Console.WriteLine(e.Message);
            }



        }
        public static bool DeleteProfileList(String profileList, String domainUser)
        {
            /**
                clear register key
            */
            String subkey;
            RegistryKey subReg;
            RegistryKey key = Registry.LocalMachine;
            RegistryKey myreg = key.OpenSubKey(profileList, true);

            foreach (var k in myreg.GetSubKeyNames())
            {
                
                subkey = String.Format("{0}\\{1}", profileList, k);
                subReg = key.OpenSubKey(subkey);
                foreach (var sk in subReg.GetValueNames())
                {
                    if (sk == "ProfileImagePath")
                    {
                        String ProfileImagePath = subReg.GetValue(sk).ToString();
                        if (ProfileImagePath == domainUser)
                        {
                            Console.WriteLine(subkey + "\n");
                            myreg.DeleteSubKeyTree(k);
                            return true;
                        }
                    }

                }
            }
            return false;
        }


    }
}